<?php
include('db.php');
$db = getDbWithoutControll();

$content=file_get_contents("../view/login.html");
$_INFO_="_INFO_";
$_INFO_content="";



 
 if($_GET["passwd"] && $_GET["user"])
 {
 	 $sqlCommand="SELECT * FROM access WHERE user='". $_GET["user"] . 
	 						"' AND passwd='" . $_GET["passwd"]."'";
						
	 $result = $db->Execute($sqlCommand);
	 		
	 if ($result === false) 
	 	die($sqlCommand);  
 

 	if ($result->EOF)
 	{
 		$_INFO_content="<b>Username or Password is invalid</b>";
 	}
 	else
 	{
 		$sqlCommand="UPDATE access SET logged=1";
 		$result = $db->Execute($sqlCommand);
 		
 		if ($result === false)
 			die($sqlCommand);
 		
 		$_INFO_content="<b>Login OK</b>";
 		$_INFO_content.="<br>";	
 		$_INFO_content.="
 		<script type=\"text/javascript\">
 		function Redirect()
 		{
 			window.location=\"events.php\";
 		}
 		setTimeout('Redirect()', 1000);
 		</script>";
 		
 	}
 }
 	/*
 while (!$result->EOF) {
    for ($i=0, $max=$result->FieldCount(); $i < $max; $i++)
           print $result->fields[$i].' ';
    $result->MoveNext();
    print "<br>";
 } */


 $content = str_replace($_INFO_ , $_INFO_content, $content);
 
 
 
 // Display page
 echo $content;
 
?>
